Facial reconstruction

Search LJMU Research Online

Browse Repository | Browse E-Theses

BotDet: A System for Real Time Botnet Command and Control Traffic Detection

Ghafir, I, Prenosil, V, Hammoudeh, M, Baker, T, Jabbar, S, Khalid, S and Jaf, S (2018) BotDet: A System for Real Time Botnet Command and Control Traffic Detection. IEEE Access. ISSN 2169-3536

[img]
Preview
Text
FINAL Article.pdf - Accepted Version

Download (558kB) | Preview

Abstract

Over the past decade, the digitization of services transformed the healthcare sector leading to a sharp rise in cybersecurity threats. Poor cybersecurity in the healthcare sector, coupled with high value of patient records attracted the attention of hackers. Sophisticated advanced persistent threats and malware have significantly contributed to increasing risks to the health sector. Many recent attacks are attributed to the spread of malicious software, e.g., ransomware or bot malware. Machines infected with bot malware can be used as tools for remote attack or even cryptomining. This paper presents a novel approach, called BotDet, for botnet Command and Control (C&C) traffic detection to defend against malware attacks in critical ultrastructure systems. There are two stages in the development of the proposed sytsem: (i) we have developed four detection modules to detect different possible techniques used in botnet C&C communications; (ii) we have designed a correlation framework to reduce the rate of false alarms raised by individual detection modules. Evaluation results show that BotDet balances the true positive rate and the false positive rate with 82.3% and 13.6% respectively. Furthermore, it proves BotDet capability of real time detection.

Item Type: Article
Additional Information: (c) 2018 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/ republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works.
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Q Science > QA Mathematics > QA76 Computer software
Divisions: Computer Science & Mathematics
Publisher: Institute of Electrical and Electronics Engineers (IEEE)
Date Deposited: 15 Jun 2018 09:08
Last Modified: 04 Sep 2021 10:23
DOI or ID number: 10.1109/ACCESS.2018.2846740
URI: https://researchonline.ljmu.ac.uk/id/eprint/8845
View Item View Item